However, decision-making based on such processing, including profiling, should be allowed where expressly authorised

by Union or Member State law to which the controller is subject, including for fraud and tax-evasion monitoring and
prevention purposes conducted in accordance with the regulations, standards and recommendations of Union
institutions or national oversight bodies and to ensure the security and reliability of a service provided by the controller,
or necessary for the entering or performance of a contract between the data subject and a controller, or when the data
subject has given his or her explicit consent. In any case, such processing should be subject to suitable safeguards, which
should include specific information to the data subject and the right to obtain human intervention, to express his or her
point of view, to obtain an explanation of the decision reached after such assessment and to challenge the decision. Such
measure should not concern a child.

(75) The risk to the rights and freedoms of natural persons, of varying likelihood and severity, may result from personal
data processing which could lead to physical, material or non-material damage, in particular: where the processing may
give rise to discrimination, identity theft or fraud, financial loss, damage to the reputation, loss of confidentiality of
personal data protected by professional secrecy, unauthorised reversal of pseudonymisation, or any other significant
economic or social disadvantage; where data subjects might be deprived of their rights and freedoms or prevented from
exercising control over their personal data; where personal data are processed which reveal racial or ethnic origin,
political opinions, religion or philosophical beliefs, trade union membership, and the processing of genetic data, data
concerning health or data concerning sex life or criminal convictions and offences or related security measures; where
personal aspects are evaluated, in particular analysing or predicting aspects concerning performance at work, economic
situation, health, personal preferences or interests, reliability or behaviour, location or movements, in order to create or
use personal profiles; where personal data of vulnerable natural persons, in particular of children, are processed; or
where processing involves a large amount of personal data and affects a large number of data subjects.

Art 4, definitions

(4) ‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to
evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that
natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour,
location or movements;

Article 22 Automated individual decision-making, including profiling

1.The data subject shall have the right not to be subject to a decision based solely on automated processing, including
profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

2.Paragraph 1 shall not apply if the decision:

(a) is necessary for entering into, or performance of, a contract between the data subject and a data controller;

(b) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable
measures to safeguard the data subject's rights and freedoms and legitimate interests; or

(c) is based on the data subject's explicit consent.

3.In the cases referred to in points (a) and (c) of paragraph 2, the data controller shall implement suitable measures to
safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention
on the part of the controller, to express his or her point of view and to contest the decision.

4.Decisions referred to in paragraph 2 shall not be based on special categories of personal data referred to in Article 9(1),
unless point (a) or (g) of Article 9(2) applies and suitable measures to safeguard the data subject's rights and freedoms
and legitimate interests are in place.
Article 9 Processing of special categories of personal data 1

.Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade
union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural
person, data concerning health or data concerning a natural person's sex life or sexual orientation…

2.Paragraph 1 shall not apply if one of the following applies:

(a) the data subject has given explicit consent to the processing of those personal data for one or more specified
purposes, except where Union or Member State law provide that the prohibition referred to in paragraph 1 may not be
lifted by the data subject;

(b) processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller
or of the data subject in the field of employment and social security and social protection law in so far as it is authorised
by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate
safeguards for the fundamental rights and the interests of the data subject;

(c) processing is necessary to protect the vital interests of the data subject or of another natural person where the data
subject is physically or legally incapable of giving consent;

(d) processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation,
association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition
that the processing relates solely to the members or to former members of the body or to persons who have regular
contact with it in connection with its purposes and that the personal data are not disclosed outside that body without
the consent of the data subjects;

(e) processing relates to personal data which are manifestly made public by the data subject;

(f) processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in
their judicial capacity;

(g) processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which
shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable
and specific measures to safeguard the fundamental rights and the interests of the data subject;

(h) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working
capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of
health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a
health professional and subject to the conditions and safeguards referred to in paragraph 3;

(i) processing is necessary for reasons of public interest in the area of public health, such as protecting against serious
cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products
or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to
safeguard the rights and freedoms of the data subject, in particular professional secrecy;

(j) processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or
statistical purposes in accordance with Article 89(1) based on Union or Member State law which shall be proportionate
to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to
safeguard the fundamental rights and the interests of the data subject.

3.Personal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) of paragraph 2
when those data are processed by or under the responsibility of a professional subject to the obligation of professional
secrecy under Union or Member State law or rules established by national competent bodies or by another person also
subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies.
4.Member States may maintain or introduce further conditions, including limitations, with regard to the processing of
genetic data, biometric data or data concerning health.